From 0d349aa886c37b2dcba4878cfcc564154045d448 Mon Sep 17 00:00:00 2001
From: Michael Grote <michael.grote@posteo.de>
Date: Tue, 9 Jul 2024 22:07:08 +0200
Subject: [PATCH] d

---
 .woodpecker/ansible-lint.yml     |  7 ++++++-
 .woodpecker/ansible-playbook.yml | 12 ++++++++----
 2 files changed, 14 insertions(+), 5 deletions(-)

diff --git a/.woodpecker/ansible-lint.yml b/.woodpecker/ansible-lint.yml
index 920007bb..c37de463 100644
--- a/.woodpecker/ansible-lint.yml
+++ b/.woodpecker/ansible-lint.yml
@@ -6,9 +6,14 @@ steps:
   ansible-lint:
     image: quay.io/ansible/creator-ee:v24.2.0
     commands:
-      - pip install 'pykeepass==4.0.3' --user
+      # Secrets
+      - echo $${SSHKEY} | base64 -d > ./id_ed25519 # woodpecker verschluckt linebreakes, daher mit base64 -w0 "kodiert"
       - echo $${VAULTPASS} | base64 -d > ./vault-pass.yml # Name des Secrets in Großschreibung
+      - chmod 0400 ./id_ed25519
+      # Abhängigkeiten
+      - pip install 'pykeepass==4.0.3' --user
       - ansible-galaxy install -r requirements.yaml
+      # Doing
       - ansible-lint --version
       - ansible-lint --force-color --format pep8
     # https://woodpecker-ci.org/docs/usage/secrets#use-secrets-in-commands
diff --git a/.woodpecker/ansible-playbook.yml b/.woodpecker/ansible-playbook.yml
index 976c581a..c3c86d0d 100644
--- a/.woodpecker/ansible-playbook.yml
+++ b/.woodpecker/ansible-playbook.yml
@@ -6,12 +6,16 @@ steps:
   ansible-playbook:
     image: quay.io/ansible/creator-ee:v24.2.0
     commands:
-      - pip install 'pykeepass==4.0.3' --user
-      - echo $${VAULTPASS} | base64 -d > ./vault-pass.yml # Name des Secrets in Großschreibung
-      - ansible localhost -m debug -a "var={{ lookup('keepass', 'restic_repository_password', 'password') }}"
-      - ansible-galaxy install -r requirements.yaml
+      # Secrets
       - echo $${SSHKEY} | base64 -d > ./id_ed25519 # woodpecker verschluckt linebreakes, daher mit base64 -w0 "kodiert"
+      - echo $${VAULTPASS} | base64 -d > ./vault-pass.yml # Name des Secrets in Großschreibung
       - chmod 0400 ./id_ed25519
+      # Abhängigkeiten
+      - pip install 'pykeepass==4.0.3' --user
+      - ansible-galaxy install -r requirements.yaml
+      # Debug
+      - ansible localhost -m debug -a "var={{ lookup('keepass', 'restic_repository_password', 'password') }}"
+      # Doing
       - ansible-playbook playbooks/2_all.yml playbooks/3_service/* --limit production
     # https://woodpecker-ci.org/docs/usage/secrets#use-secrets-in-commands
     secrets: [vaultpass, sshkey]